summaryrefslogtreecommitdiffstats
path: root/net/netfilter
Commit message (Expand)AuthorAgeFilesLines
* netfilter: nf_tables: fix null deref due to zeroed list headFlorian Westphal2022-08-091-0/+1
* netfilter: nf_tables: disallow jump to implicit chain from set elementPablo Neira Ayuso2022-08-091-0/+4
* netfilter: nf_tables: upfront validation of data via nft_data_init()Pablo Neira Ayuso2022-08-095-113/+124
* netfilter: nf_tables: do not allow RULE_ID to refer to another chainThadeu Lima de Souza Cascardo2022-08-091-2/+5
* netfilter: nf_tables: do not allow CHAIN_ID to refer to another tableThadeu Lima de Souza Cascardo2022-08-091-2/+4
* netfilter: nf_tables: do not allow SET_ID to refer to another tableThadeu Lima de Souza Cascardo2022-08-091-1/+3
* netfilter: nf_tables: validate variable length element extensionPablo Neira Ayuso2022-08-092-16/+70
* netfilter: flowtable: fix incorrect Kconfig dependenciesPablo Neira Ayuso2022-08-051-2/+1
* netfilter: nf_tables: fix crash when nf_trace is enabledFlorian Westphal2022-08-051-11/+10
* Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski2022-07-283-1/+39
|\
| * netfilter: nft_queue: only allow supported familes and hooksFlorian Westphal2022-07-261-0/+27
| * netfilter: nf_tables: add rescheduling points during loop detection walksFlorian Westphal2022-07-261-0/+6
| * netfilter: nf_queue: do not allow packet truncation below transport header of...Florian Westphal2022-07-261-1/+6
* | Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-nextJakub Kicinski2022-07-223-139/+342
|\ \
| * | net: netfilter: Add kfuncs to set and change CT statusLorenzo Bianconi2022-07-213-37/+74
| * | net: netfilter: Add kfuncs to set and change CT timeoutKumar Kartikeya Dwivedi2022-07-213-11/+58
| * | net: netfilter: Add kfuncs to allocate and insert CTLorenzo Bianconi2022-07-212-27/+189
| * | net: netfilter: Deduplicate code in bpf_{xdp,skb}_ct_lookupKumar Kartikeya Dwivedi2022-07-211-34/+18
| * | bpf: Switch to new kfunc flags infrastructureKumar Kartikeya Dwivedi2022-07-211-38/+11
* | | Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski2022-07-211-1/+1
|\ \ \ | | |/ | |/|
| * | ip: Fix data-races around sysctl_ip_default_ttl.Kuniyuki Iwashima2022-07-151-1/+1
* | | Merge git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-nextJakub Kicinski2022-07-2031-260/+385
|\ \ \ | |/ / |/| |
| * | netfilter: xt_TPROXY: remove pr_debug invocationsJustin Stitt2022-07-211-23/+2
| * | netfilter: flowtable: prefer refcount_incFlorian Westphal2022-07-211-8/+3
| * | netfilter: ipvs: Use the bitmap API to allocate bitmapsChristophe JAILLET2022-07-211-3/+2
| * | netfilter: nf_tables: move nft_cmp_fast_mask to where its usedFlorian Westphal2022-07-111-0/+12
| * | netfilter: nf_tables: use correct integer typesFlorian Westphal2022-07-114-11/+12
| * | netfilter: nf_tables: add and use BE register load-store helpersFlorian Westphal2022-07-111-3/+3
| * | netfilter: nf_tables: use the correct get/put helpersFlorian Westphal2022-07-114-10/+11
| * | netfilter: x_tables: use correct integer typesFlorian Westphal2022-07-113-9/+9
| * | netfilter: nfnetlink: add missing __be16 castFlorian Westphal2022-07-111-1/+1
| * | netfilter: nft_set_bitmap: Fix spelling mistakeZhang Jiaming2022-07-111-2/+2
| * | netfilter: h323: merge nat hook pointers into oneFlorian Westphal2022-07-111-161/+99
| * | netfilter: nf_conntrack: use rcu accessors where neededFlorian Westphal2022-07-117-16/+57
| * | netfilter: nf_conntrack: add missing __rcu annotationsFlorian Westphal2022-07-113-3/+3
| * | netfilter: nf_flow_table: count pending offload workqueue tasksVlad Buslov2022-07-115-4/+165
| * | netfilter: conntrack: use correct format charactersBill Wendling2022-07-111-1/+1
| * | netfilter: conntrack: use fallthrough to cleanupJackie Liu2022-07-111-5/+3
| |/
* | netfilter: nf_tables: replace BUG_ON by element length checkPablo Neira Ayuso2022-07-091-21/+51
* | netfilter: nf_log: incorrect offset to network headerPablo Neira Ayuso2022-07-091-4/+4
* | netfilter: conntrack: fix crash due to confirmed bit load reorderingFlorian Westphal2022-07-073-0/+26
|/
* netfilter: nft_set_pipapo: release elements in clone from abort pathPablo Neira Ayuso2022-07-021-15/+33
* netfilter: nf_tables: stricter validation of element dataPablo Neira Ayuso2022-07-021-1/+8
* netfilter: nf_tables: avoid skb access on nf_stolenFlorian Westphal2022-06-272-23/+45
* netfilter: nft_dynset: restore set element counter when failing to updatePablo Neira Ayuso2022-06-271-0/+2
* netfilter: nf_dup_netdev: add and use recursion counterFlorian Westphal2022-06-211-4/+15
* netfilter: nf_dup_netdev: do not push mac header a second timeFlorian Westphal2022-06-211-4/+10
* netfilter: cttimeout: fix slab-out-of-bounds read typo in cttimeout_net_exitFlorian Westphal2022-06-171-1/+1
* netfilter: use get_random_u32 instead of prandomFlorian Westphal2022-06-082-20/+5
* netfilter: nf_tables: bail out early if hardware offload is not supportedPablo Neira Ayuso2022-06-062-2/+23
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-07 14:33:31 +0000